serf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From br...@apache.org
Subject svn commit: r1774748 - in /serf/trunk: buckets/ssl_buckets.c test/MockHTTPinC/MockHTTP_server.c test/test_ssl.c
Date Sat, 17 Dec 2016 12:27:08 GMT
Author: brane
Date: Sat Dec 17 12:27:08 2016
New Revision: 1774748

URL: http://svn.apache.org/viewvc?rev=1774748&view=rev
Log:
Make Serf compile and tests pass when the symbols OPENSSL_NO_TLSEXT
and/or OPENSSL_NO_OCSP are defined.

These symbols are used in several places to enclose conditional blocks
of code, but some checks were missing.

* buckets/ssl_buckets.c
  (ocsp_callback): Make conditional on OPENSSL_NO_OCSP, too.
  (serf_ssl_check_cert_status_request): Likelwise.

* test/MockHTTPinC/MockHTTP_server.c
  (ocspCreateResponse, ocspStatusCallback): Make conditional on
   OPENSSL_NO_TLSEXT and OPENSSL_NO_OCSP.
  (alpn_select_callback): Make conditional on OPENSSL_NO_TLSEXT.
  (initSSLCtx): Don't use alpn_select_callback depending on OPENSSL_NO_TLSEXT.
   Likewise for ocspStatusCallback, which also depends on OPENSSL_NO_OCSP.

* test/test_ssl.c
  (test_ss l_ocsp_response_error_and_override): Do not check for stapled
   OCSP response depending on OPENSSL_NO_TLSEXT and OPENSSL_NO_OCSP.
  (http11_select_protocol, http11_alpn_setup): Make conditional on
   OPENSSL_NO_TLSEXT and OPENSSL_NO_OCSP.
  (test_ssl_alpn_negotiate): Make test no-op depending on OPENSSL_NO_TLSEXT.

Modified:
    serf/trunk/buckets/ssl_buckets.c
    serf/trunk/test/MockHTTPinC/MockHTTP_server.c
    serf/trunk/test/test_ssl.c

Modified: serf/trunk/buckets/ssl_buckets.c
URL: http://svn.apache.org/viewvc/serf/trunk/buckets/ssl_buckets.c?rev=1774748&r1=1774747&r2=1774748&view=diff
==============================================================================
--- serf/trunk/buckets/ssl_buckets.c (original)
+++ serf/trunk/buckets/ssl_buckets.c Sat Dec 17 12:27:08 2016
@@ -587,7 +587,7 @@ static void bio_meth_free(BIO_METHOD *bi
 #endif
 }
 
-#ifndef OPENSSL_NO_TLSEXT
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_OCSP)
 /* Callback called when the server response has some OCSP info.
    Returns 1 if the application accepts the OCSP response as successful,
            0 in case of error.
@@ -670,7 +670,7 @@ static int ocsp_callback(SSL *ssl, void
 
     return cert_valid;
 }
-#endif
+#endif  /* OPENSSL_NO_TLSEXT && OPENSSL_NO_OCSP */
 
 typedef enum san_copy_t {
     EscapeNulAndCopy = 0,
@@ -2039,7 +2039,7 @@ apr_status_t
 serf_ssl_check_cert_status_request(serf_ssl_context_t *ssl_ctx, int enabled)
 {
 
-#ifndef OPENSSL_NO_TLSEXT
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_OCSP)
     SSL_CTX_set_tlsext_status_cb(ssl_ctx->ctx, ocsp_callback);
     SSL_CTX_set_tlsext_status_arg(ssl_ctx->ctx, ssl_ctx);
     SSL_set_tlsext_status_type(ssl_ctx->ssl, TLSEXT_STATUSTYPE_ocsp);

Modified: serf/trunk/test/MockHTTPinC/MockHTTP_server.c
URL: http://svn.apache.org/viewvc/serf/trunk/test/MockHTTPinC/MockHTTP_server.c?rev=1774748&r1=1774747&r2=1774748&view=diff
==============================================================================
--- serf/trunk/test/MockHTTPinC/MockHTTP_server.c (original)
+++ serf/trunk/test/MockHTTPinC/MockHTTP_server.c Sat Dec 17 12:27:08 2016
@@ -2448,6 +2448,7 @@ static void bio_meth_free(BIO_METHOD *bi
 #endif
 }
 
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_OCSP)
 static int ocspCreateResponse(OCSP_RESPONSE **resp, mhOCSPRespnseStatus_t status)
 {
     int ret = 1;
@@ -2526,6 +2527,7 @@ static int ocspStatusCallback(SSL *ssl,
     /* Couldn't find match */
     return SSL_TLSEXT_ERR_ALERT_FATAL;
 }
+#endif  /* OPENSSL_NO_TLSEXT && OPENSSL_NO_OCSP */
 
 /* Convert an ssl error into an apr status code for a specific context */
 static apr_status_t status_from_ssl(sslCtx_t *ssl_ctx, int ret_code)
@@ -2625,6 +2627,7 @@ static apr_status_t initSSL(_mhClientCtx
     return APR_SUCCESS;
 }
 
+#ifndef OPENSSL_NO_TLSEXT
 static int alpn_select_callback(SSL *ssl,
                                 const unsigned char **out,
                                 unsigned char *outlen,
@@ -2653,6 +2656,7 @@ static int alpn_select_callback(SSL *ssl
 
   return SSL_TLSEXT_ERR_ALERT_FATAL;
 }
+#endif  /* OPENSSL_NO_TLSEXT */
 
 /**
  * Inits the OpenSSL context.
@@ -2703,11 +2707,13 @@ static apr_status_t initSSLCtx(_mhClient
 #endif
 
 #if OPENSSL_VERSION_NUMBER >= 0x10002000L /* >= 1.0.2 */
+#  ifndef OPENSSL_NO_TLSEXT
         if (cctx->serv_ctx->alpn) {
             SSL_CTX_set_alpn_select_cb(ssl_ctx->ctx,
                                        alpn_select_callback,
                                        cctx->serv_ctx);
         }
+#  endif
 #endif
 
         if (cctx->protocols == mhProtoSSLv2) {
@@ -2773,7 +2779,7 @@ static apr_status_t initSSLCtx(_mhClient
                 break;
         }
 
-#ifndef OPENSSL_NO_TLSEXT
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_OCSP)
         if (cctx->ocspEnabled) {
             SSL_CTX_set_tlsext_status_cb(ssl_ctx->ctx, ocspStatusCallback);
             SSL_CTX_set_tlsext_status_arg(ssl_ctx->ctx, cctx);

Modified: serf/trunk/test/test_ssl.c
URL: http://svn.apache.org/viewvc/serf/trunk/test/test_ssl.c?rev=1774748&r1=1774747&r2=1774748&view=diff
==============================================================================
--- serf/trunk/test/test_ssl.c (original)
+++ serf/trunk/test/test_ssl.c Sat Dec 17 12:27:08 2016
@@ -1996,7 +1996,9 @@ static void test_ssl_ocsp_response_error
                                                 handler_ctx, tb->pool);
 
     CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCB_CALLED);
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_OCSP)
     CuAssertTrue(tc, tb->result_flags & TEST_RESULT_OCSP_CHECK_SUCCESSFUL);
+#endif
 }
 
 /* Validate that the subject's CN containing a '\0' byte is reported as failure
@@ -2164,6 +2166,7 @@ static void test_ssl_server_cert_with_sa
     CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCB_CALLED);
 }
 
+#ifndef OPENSSL_NO_TLSEXT
 static apr_status_t http11_select_protocol(void *baton,
                                            const char *protocol)
 {
@@ -2203,10 +2206,12 @@ static apr_status_t http11_alpn_setup(ap
 
   return APR_SUCCESS;
 }
+#endif /* OPENSSL_NO_TLSEXT */
 
 
 static void test_ssl_alpn_negotiate(CuTest *tc)
 {
+#ifndef OPENSSL_NO_TLSEXT
     test_baton_t *tb = tc->testBaton;
     handler_baton_t handler_ctx[1];
     const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]);
@@ -2251,6 +2256,7 @@ static void test_ssl_alpn_negotiate(CuTe
 
     run_client_and_mock_servers_loops_expect_ok(tc, tb, num_requests,
                                                 handler_ctx, tb->pool);
+#endif /* OPENSSL_NO_TLSEXT */
 }
 
 CuSuite *test_ssl(void)



Mime
View raw message